Deviceless Authentication (1.5-Factor)
The aim of deviceless authentication (or 1.5-factor authentication / 1.5FA) is to deliver a one time code solution without the need for a separate physical device. Traditionally all one time code systems had to be two factor solutions and the codes were displayed on the second physical factor. In these cases the first factor was still a PIN or password.
In contrast, deviceless authentication does not require a PIN, password or second factor device at all. Instead a challenge is displayed directly on screen which only the user would know how to respond to; the response is a one time code.
Deviceless authentication bridges the gap between the convenience of passwords and the complexity of physical tokens. By simply replacing a password based logon with deviceless authentication you remove the threat of key loggers and malware trying to steal PINs and passwords. Once the password is replaced you have also just removed the costly and continuous password reset process.
- Does not require hardware tokens or software apps
- No costs associated with SMS/TEXT messages
- Replace passwords
- Integrate directly into web page or app
- Remove threat from key loggers
- Risk and cost appropriate security for lower value assets
- Convenient access to internal & Cloud-based applications
- Rapid adoption and deployment
- Seamless step-up to 2 Factor when needed
Our Deviceless Authentication Technologies
PINgrid is a pattern based authentication type that uses a grid of numbers combined with a user defined pattern to generate a one time code. The pattern becomes a ‘what you know’ factor during the logon process, making this authentication type ideal for deviceless authentication solutions.
PINphrase is a familiar language based authentication type where users provide single characters from an answer to a well known question. Because the answer is not divulged by the user during the logon process, this can be used as a deviceless authentication solution. Users who have used online banking may be more familiar with this authentication type.
Frequently Asked Questions
How is deviceless authentication better than passwords?
Passwords are a single factor of authentication which are easily forgotten and users often write them down on post-it notes, or reuse them on multiple systems. They are easily stolen via malware and key loggers to be used at a later time by hackers. When you type in a password you have basically given it away as it could be intercepted at any time and should no longer be considered secret.
Deviceless authentication does away with the static nature of passwords entirely. This thwarts malware and key loggers as a stolen code is no use once it has been used. Crucially, unlike a password, the “secret” the user knows the answer to is not given away during a logon.
All this is achieved without the need for a second factor device.
Is deviceless authentication as secure as 2 FA?
Strictly speaking, no, deviceless authentication is not as secure as 2FA. However it is much more secure than password based 1FA.
Deviceless authentication is an ideal middle ground of increased security over passwords without the sledge hammer approach of adding 2FA to everything. It is ideally suited to situations where some protection is needed to low value assets, however convenience is also critical.